cybersecurity-digital-forensics.jpg
As we gear towards a more data-driven world, we find that information and security are inextricably linked to each other. With the world’s technological advancement growing rapidly, we see the same rapid growth in the risks surrounding tech—ones involving data privacy infringement, online fraud, and other high-tech crimes.

Finding themselves at the frontlines of this tumultuous war against cyber security threats is Group-IB, a global leader in preventing and investigating cybercrimes.

Having been in the business since 2003, the company has been active in the field of computer forensics and information security, protecting the largest international companies against financial losses and reputation risks.

What ultimately prompted the creation of Group-IB was its founder and CEO, Ilya Sachkov’s first-level education in information security while based in Moscow. He said it was mere coincidence that he read an American book on cybercrime investigation as a business written by Kevin Mandia.

Intrigued by the prospects of mounting a company based on digital forensics, a point of curiosity for him was how despite the number of cybersecurity companies in Russia, nobody at the time offered the specific service of cybercrime investigation.

From day one, Group-IB team has been relentlessly gathering and analyzing information about cyber criminals and their activity, as well as developing threat data collection tools. These technologies formed the basis of adversary-centric security solutions.

Also read: From Moscow to Singapore: How a global leader in cyber security found its way to Southeast Asia

In late 2013, GIB Threat Intelligence service came out of stealth mode. Later, the company introduced TDS (Threat Detection System) – intelligence driven network security solutions for proactive threat hunting and response, and Secure Bank – advanced fraud defense and user authentication technology, currently protecting over 70 million clients of online banking platforms.

Fast forward to 2018, Group-IB is now recognized as one of the leading threat intelligence vendors by Gartner, Forrester, and IDC for providing unique insights into cyber threats. More importantly, Group-IB has helped prosecute hundreds of cybercrime organized groups across many countries.

As of today, Group-IB has announced expanding its work in Asia-Pacific, moving its headquarters to Singapore with Ilya Sachkov himself leading the ship in the region.

Navigating the tech side of Group-IB’s digital forensic service

An important starting point for digital forensics is tracking the digital footprint of a cyber criminal. The general idea is that prior to the act of hacking itself, a cybercriminal undergoes a series of preparations.

The key is to detect attacks in their early stages by predicting a threat based on preparation patterns. Sachkov parallels this to physical threats where, for example in the instance of a bombing, it is best to preempt the attack as it is being planned out versus when the bomb is already approaching its target.

Group-IB also houses sophisticated data on the infrastructure of cybercriminals spanning fifteen years of digital footprint—providing patterns and changes on how cybercrimes are carried out, making it easier for them to predict attacks.

Why expand to Singapore?

The company entered the APAC market 3 years ago. Group-IB’s portfolio of clients in Asia includes banks, financial and government organizations in Singapore, Thailand and other countries. Southeast Asia accounts for more than 30% of the company’s international revenue. Those are not the only reasons why Group-IB has decided to open its Global HQ in Singapore.

According to Group-IB’s annual Hi-Tech Crime Trends report findings, Asia is one of the most actively attacked regions in the world. Over the past year, 21 state-sponsored groups were detected in the area, which is exceeds Europe and the US combined.

Singapore, Hong Kong, Seoul, Shanghai, and many other financial powerhouses in Asia are likely to become primary targets of financially motivated hacker groups in the near future. Group-IB aims to empower local companies and government organizations with the knowledge and tools to better prepare for rapidly evolving cyber threats targeting the region.

For Sachkov, it is important to bring Group-IB to Singapore because he recognizes and trusts the grasp of the Singaporean cybersecurity ecosystem on the matter. He highlights that it is crucial to develop synergy between the Group-IB experts and specialists originating from Singapore because of their level of understanding of local threats. Group-IB already partners with the INTERPOL Digital Crime Centre located in Singapore

Singapore’s rapid economic growth has ramped up the interest of financially motivated hackers and state-sponsored hacker groups. He argues further that what Group-IB can bring to the table is to share more technical information to the local atmosphere, highlighting that work is still needed in terms of achieving difficult technical levels in certain cybersecurity professions like malware researchers.

Also read: Singapore’s financial sector cyber security guidelines have received praise

In order for Group-IB to further establish itself as a global independent entity, it has to establish itself as a structure in different countries.

Good intellectual property protection, good government institutions, and zero corruption were some of the basis Group-IB decided on in choosing Singapore as a new home for its headquarters where the company will manage and keep developing its global threat-hunting infrastructure aimed at adversary-centric detection and proactive threat hunting. “A lot of Michelin restaurants,” Sachkov jokes is an important personal factor.

By 2019, Group-IB is planning to launch CyberCrimeCon in Singapore and Moscow, with the Singapore leg being its largest.